Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-23 | CVE-2023-6118 | Path Traversal vulnerability in Neutron products Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal.This issue affects IP Camera: before b1130.1.0.1. | 7.5 |
| 2023-11-23 | CVE-2023-4593 | Path Traversal vulnerability in Seattlelab Slmail 5.5.0.4433 Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager's intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the 'dodoc' parameter in the /MailAdmin_dll.htm file. | 6.5 |
| 2023-11-22 | CVE-2023-6265 | Path Traversal vulnerability in Draytek Vigor2960 Firmware 1.5.1.4/1.5.1.5 ** UNSUPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter allowing an authenticated attacker with access to the web management interface to delete arbitrary files. | 8.1 |
| 2023-11-22 | CVE-2023-47251 | Path Traversal vulnerability in M-Privacy Mprivacy-Tools and Tightgatevnc In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool directory, and then sending a signal to the VNC service, which automatically transfers them to the connected VNC client's filesystem. | 6.5 |
| 2023-11-22 | CVE-2023-47467 | Path Traversal vulnerability in Jeecg Jeecg-Boot 3.6.0 Directory Traversal vulnerability in jeecg-boot v.3.6.0 allows a remote privileged attacker to obtain sensitive information via the file directory structure. | 6.5 |
| 2023-11-22 | CVE-2023-47313 | Path Traversal vulnerability in H-Mdm Headwind MDM 5.22.1 Headwind MDM Web panel 5.22.1 is vulnerable to Directory Traversal. | 5.4 |
| 2023-11-22 | CVE-2023-6160 | Path Traversal vulnerability in Lifterlms The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 7.4.2 via the maybe_serve_export function. | 6.7 |
| 2023-11-22 | CVE-2023-6252 | Path Traversal vulnerability in Hyphensolutions Chameleon Power 1.0 Path traversal vulnerability in Chalemelon Power framework, affecting the getImage parameter. | 7.5 |
| 2023-11-22 | CVE-2021-22151 | Path Traversal vulnerability in Elastic Kibana It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. | 4.3 |
| 2023-11-21 | CVE-2023-48299 | Path Traversal vulnerability in Pytorch Torchserve TorchServe is a tool for serving and scaling PyTorch models in production. | 5.3 |